package com.zjg.vue_cms.security.conf;

import com.zjg.vue_cms.security.filter.MyAuthenticationFilter;
import com.zjg.vue_cms.security.handler.GuassFailureHandler;
import com.zjg.vue_cms.security.handler.GuassLogoutSuccessHandler;
import com.zjg.vue_cms.security.handler.GuassSuccessHandler;
import com.zjg.vue_cms.security.service.GuassPasswordEncoder;
import com.zjg.vue_cms.security.service.GuassUserDetailServiceImpl;
import lombok.extern.slf4j.Slf4j;
import org.springframework.context.annotation.Bean;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.OrRequestMatcher;

import javax.annotation.Resource;

/**
 * @author guass
 * @date 2022年04月20日 15:46
 */
@EnableWebSecurity
@Slf4j
public class WebSecurityConf extends WebSecurityConfigurerAdapter {

    @Resource
    private GuassUserDetailServiceImpl guassUserDetailServiceImpl;

    @Resource
    private GuassPasswordEncoder guassPasswordEncoder;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        //把自定义认证过滤器加到拦截器链中
        http.addFilterBefore(authenticationFilter(), UsernamePasswordAuthenticationFilter.class);

        http.authorizeHttpRequests()
                .mvcMatchers("/test/guass").permitAll()
                .anyRequest().authenticated()
                .and()
                .formLogin()
                .loginProcessingUrl("/login")
                .successHandler(new GuassSuccessHandler())
                .failureHandler(new GuassFailureHandler())
                .and()
                .logout()//开启注销配置
                .logoutUrl("/logout") //退出登录URL 默认get 请求 路径为 /logout
                .logoutRequestMatcher(new OrRequestMatcher(
                        new AntPathRequestMatcher("/logout_1","POST"),
                        new AntPathRequestMatcher("/logout_2","POST")
                ))
                .invalidateHttpSession(true) //退出时是否session失效 默认TRUE
                .clearAuthentication(true) //清除认证信息
                .logoutSuccessHandler(new GuassLogoutSuccessHandler())
        ;
                ;
        http.csrf().disable();
        http.cors();

    }

    @Bean
    MyAuthenticationFilter authenticationFilter() throws Exception {
        MyAuthenticationFilter filter = new MyAuthenticationFilter();
        filter.setAuthenticationManager(authenticationManagerBean());
        filter.setAuthenticationSuccessHandler(new GuassSuccessHandler());
        filter.setAuthenticationFailureHandler(new GuassFailureHandler());
        return filter;
    }



    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        log.info("guass auth {}",auth);
        auth.authenticationProvider(getAuthenticationProvider());
    }

    @Bean
    public AuthenticationProvider getAuthenticationProvider(){
        DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
        daoAuthenticationProvider.setUserDetailsService(guassUserDetailServiceImpl);
//        daoAuthenticationProvider.setPasswordEncoder(mipsPasswordEncoder);
        daoAuthenticationProvider.setPasswordEncoder(guassPasswordEncoder);
        daoAuthenticationProvider.setHideUserNotFoundExceptions(false);
        return daoAuthenticationProvider;
    }

    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }
}
